[ Pobierz całość w formacie PDF ]
.Usually, this distinctionis clear and important.At times, however, the distinction between key rings and keyfilesshould be overlooked.When you want to treat a keyfile as a key ring, it must be in binaryformat.This means that you cannot use the -a option when generating the keyfile/key ring.If you want to send a subset of a key ring in a single keyfile, for example, you need to extracteach key, one-by-one, into a keyfile.PGP treats this keyfile as a key ring and all the keys can beextracted into another keyfile to send.The following example shows a simple Unix shell scriptthat extracts a set of keys into a file named keys.asc, which can be sent via e-mail to someoneelse.First PGP extracts the requested keys into a keyfile called keyfile.pgp.Next, PGP treatsthat keyfile as a key ring and extracts the keys into an armored keyfile called keys.asc.#!/bin/shrm -f keyfile.pgpfor user in user1 user2 user3; dopgp -kx $user keyfile.pgp;donepgp -kxa  keys.asc keyfile.pgprm -f keyfile.pgpYou can now e-mail the output file, keys.asc, to the intended recipients so that they can add itto their key rings using pgp -ka.Signing KeysA signature on a key is an important statement that a user can make about that key.In general,a signature on a key means that the signer has verified, to some degree, that the key actuallybelongs to the user whose userid is on the key.PGP uses signatures to build up trust in a key.In general, the more signatures on a key, the more likely that it will be trusted.The mereexistence of signatures on a key, however, is not enough to force PGP to trust the key as valid.A key signature is a binding between the key parameters (the RSA modulus and exponent,in the RSA case) with the userid that is being signed.If userids are added or changed, thesignature will fail.Users should never sign a key without first verifying it.Methods of verifica-tion are discussed in the section,  Key Fingerprints and Verifying Keys.When a key has been verified, a user may choose to sign it.Signing a key involves using asecret key to sign the public key parameters and the userid of the public key to be signed.To658 Part III: Messaging: Creating a Secure Channelsign a key, use the -ks option in PGP.For example, Ruth could sign the key of the useridwarlord in this manner:~> pgp -ks warlordPretty Good Privacy(tm) 2.6.2 - Public-key encryption for the masses.(c) 1990-1994 Philip Zimmermann, Phil s Pretty Good Software.11 Oct 94Uses the RSAREF(tm) Toolkit, which is copyright RSA Data Security, Inc.Distributed by the Massachusetts Institute of Technology.Export of this software may be restricted by the U.S.government.Current time: 1995/11/21 18:42 GMTLooking for key for user  warlord :Key for user ID: Derek Atkins709-bit key, Key ID C1B06AF1, created 1992/09/25Key fingerprint = A0 9A 7E 2F 97 31 63 83 C8 7B 9C 8E DE 0E 8D F9READ CAREFULLY: Based on your own direct first-hand knowledge, areyou absolutely certain that you are prepared to solemnly certify thatthe above public key actually belongs to the user specified by theabove user ID (y/N)? yesYou need a pass phrase to unlock your RSA secret key.Key for user ID  Ruth Thomas Enter pass phrase: Pass phrase is good.Just a moment.Key signature certificate added.Next, PGP will go through the key ring and validate the trust parameters of the keys.BecauseRuth s own key is ultimately trusted, Ruth s signature implies that warlord s key is valid toRuth.In other words, PGP makes the assertion that a user who signs keys will not fool him- orherself into signing false keys.With this method, a signature by a user s own key is enough totrust its validity.When keys become trusted as valid, the keys can then act as introducers.PGP examines thekey ring and asks you to place a trust on valid keys.How much do you trust a key to sign otherkeys? For each valid key, PGP will ask this question.Using these answers, more keys canbecome trusted as valid, and so on.This is how the web of trust is built.For each valid key, PGP enables you to specify four trust values that specify how much youtrust the key as an introducer.A value of one (1) means that you do not know how much trustto place in the key.Therefore that key is not used to compute validity trust values.A trustvalue of two (2) means that you do not trust the key as an introducer.When these values areused on a valid key, PGP ignores signatures on other keys made by this one, so these valuesapply nothing towards the trust in another key.The trust value of three (3) denotes marginal trust in a key acting as an introducer; a value offour (4) denotes complete trust in a key acting as an introducer.PGP will add together thePGP 659number of completely trusted signatures and marginally trusted signatures and compare thevalues to the number of completes and marginals needed to fully trust a key as valid.Bydefault, PGP requires one completely trusted signature or two marginally trusted signatures tovalidate a key.These numbers can be changed through two configuration file options:COMPLETESNEEDED and MARGINALS_NEEDED.Make a determination in your own mind whether this key actuallybelongs to the person whom you think it belongs to, based on availableevidence [ Pobierz całość w formacie PDF ]